OpenLDAP slapd crashes on what seems to be a null-ptr-dereference after receiving a malicious TCP packet.
Created openldap tracking bugs for this issue:
Affects: fedora-all [bug 1895288]
Main branch :
2.4 branch :
This vulnerability affects the server side only. As a result, OpenLDAP client components, such as the component shipped in Red Hat Enterprise Linux 8, are not affected by this flaw.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2021:1389 https://access.redhat.com/errata/RHSA-2021:1389
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):